the tempfile.mktemp() function was deprecated since version 2.3; it's long ago (nearly 17 years)! It should be removed since it causes security holes, as stated in the tempfile doc (https://docs.python.org/3/library/tempfile.html#tempfile.mktemp).

A small typo in the 1st comment:
The tempfile.mktemp() function was deprecated since version 2.3; it's long ago (nearly 17 years!). It should be removed since it causes security holes, as stated in the tempfile doc (https://docs.python.org/3/library/tempfile.html#tempfile.mktemp).

I think this is a duplicate of bpo-36309.

Sorry, didn't realize that.

But I think the function should redirect to NamedTemporaryFile(delete=False).

You could add a check that does this:
(a)
from tempfile import mktemp
with open(mktemp()) as f:
    # do something...

## No Warnings
(b)
from tempfile import mktemp
path = mktemp()
# do something...
with open(mktemp()) as f:
    # do something...

## RuntimeWarning: mktemp() is unsafe. Use NamedTemporaryFile(delete=False).

(c)
from tempfile import mktemp
# do something...
path = mktemp()
# do something... (the "path" var is not used at all)

## No Warning

case c is used for the case that is stated in https://mail.python.org/pipermail/python-dev/2019-March/156725.html (a
temporary name that an other program will create / act on).

I know it's hard to achieve :)

Sorry, in (a)(b) is should be with "open(mktemp(),'x') as f:".

Reopen.
1.See https://mail.python.org/pipermail/python-dev/2019-March/156765.html and https://owasp.org/www-community/vulnerabilities/Insecure_Temporary_File. It's *serious*.
2.Why not use this to generate a
temporary name that an other program will create/act on?
import secrets
path = f"{x}{secrets.token_hex(n)}" # n is an large int
                                    # x is a path like "/tmp"
# do something...

wyz23x2, why do you think that this is not a duplicate of issue36309?

Well, I just think it's *serious*.
I respect your thoughts. If you want to close this, you can.